Global Retailer Credential Stuffing Case Study

Fraud

Attack Types

Authentication

Account Takeover

Bots

Credential Stuffing

Netacea

May 17, 2021

Case Studies

In early 2018, one of the world’s largest retailers identified they were being frequently targeted by credential stuffing attacks. Using breached username and passwords, threat actors were gaining access to customer accounts to make fraudulent purchases, costing the tune of millions of pounds per month. Attackers can then sell on the validated account via the Dark Web.

The fraudulent activity not only cost the retailer directly, but also put the brand’s reputation at risk. Customers were continually locked out of accounts, asked to verify their legitimacy or required to reset their usernames and passwords following an attack, leaving many users feeling frustrated.

Netacea describes what measures were implemented to prevent credential stuffing to protect the retailer from both volumetric and low and slow credential stuffing attacks, freeing up their SOC team to focus on new and emerging threats.

Some content is hidden, to be able to see it login here Login

Tagged:

Blue-tinted background of a man watching a webinar

Host a Webinar with the MRC

Help the MRC community stay current on relevant fraud, payments, and law enforcement topics.

Submit a Request

Publish Your Document with the MRC

Feature your case studies, surveys, and whitepapers in the MRC Resource Center.

Submit Your Document

Related Resources

Mar 15, 2027

MRC Vegas 2027 Join the global payments and fraud prevention community at MRC Vegas 2027, 15-18 March, at ARIA Resort & Casino. Connect with industry leaders and gain insights to combat fraud and drive payment innovation.

Mar 16, 2026

MRC Vegas 2026 Save the Date for MRC Vegas 2026! Join us from 16-19 March 2026 at ARIA Resort & Casino in Las Vegas for the premier payments and fraud prevention conference. Discover cutting-edge insights from industry leaders, engage in expert panels, and network with peers.

Feb 05, 2025

AML & Merchants: Why You Should Care, Presented by Mastercard Money-laundering is a societal challenge that touches all areas of the economy. It involves the placement, layering, and integration of money to ultimately obfuscate the proceeds of crime and to make transactions look legitimate.

Jan 08, 2025

Building a Scalable Fraud Engine: Optimizing Cost and Performance for Subscriber Growth In a rapidly growing subscription business, maintaining a proactive fraud posture is critical to optimizing both cost and effectiveness. Building a scalable fraud engine that operates across multiple platforms allows companies to reduce PSP costs, prevent disputes, and minimize revenue losses.

Nov 12, 2024

MRC Welcome & Sponsor Intro | AI's Journey to Generative AI : Unveiling the History, Myths, and Global Impact on Fraud and Payments Generative AI, like ChatGPT, has become a central focus for merchants looking to stay competitive in a rapidly evolving digital landscape.

Nov 12, 2024

Generative AI in Cybersecurity: Defending Against Evolving Threats Explore the transformative impact of Generative AI on cybersecurity, focusing on its role in predicting, detecting, and responding to modern cyber threats.

Nov 12, 2024

Generative AI for e-Commerce: 4 Use Cases to Address Business Challenges and Mitigate Risks Beyond Transaction Fraud Generative AI transforms the payments industry by improving transaction processes, fraud detection, customer support, and operational efficiency. Industry leaders are leveraging AI to optimize payment systems and reduce risks.

Nov 12, 2024

Global Generative AI Regulations and Ethical Concerns: A Cross-Region Overview As generative AI (GenAI) technology rapidly advances, regulatory efforts are underway across regions, including the U.S., EU, APAC, ANZ, and LATAM/Brazil.

Dec 05, 2023

DataDome - 2023 U.S. Bot Security Report DataDome's new study finds that a staggering 68% of US websites are unprotected against simple bot attacks, highlighting how vulnerable US businesses are to automated online threats. E-commerce sites are particularly exposed.

Aug 11, 2023

2023 UK Bot Security Report 2 in 3 UK Websites Are Unprotected Against Simple Bot Attacks.

Dec 05, 2022

2022 Southeast Asia Digital Commerce Insights While the region’s recovery after a turbulent period is well underway, businesses now find themselves in a more complex environment. How nimble and flexible is your business in adopting new payments to stay on top of market shifts and fraud risks? See how you compare.

May 17, 2022

2022 MRC Global Fraud and Payments Survey This illuminating report, produced by the Merchant Risk Council, Cybersource and Verifi, provides the latest industry fraud trends, fraud management methods, and payment strategies used by merchants globally, along with a robust set of performance benchmarks that can help with the optimization of payments and fraud management and prevention practices.

Dec 11, 2024

How Merchants Can Combat the Rising Tide of ATO Attacks Account Takeover (ATO) attacks are increasing in complexity and frequency, posing serious risks to online businesses and their customers.

Nov 20, 2024

Payments 3.0: The Custom, Distributed Payments Ecosystem Early payment processing was conducted through legacy institution-backed payment processors (PSPs). Payments 2.0 signaled the arrival of more modern PSPs, ready to serve high-growth merchants.

Nov 20, 2024

From Pain to Gain: Payments Solutions for High-Opportunity Industries Rapyd’s groundbreaking research into high-opportunity industries exposes unique pain points for payments professionals in online gaming, iGaming, affiliate marketing, creator economy, SaaS, financial services, and more.

Nov 15, 2024

Mastercard's First-Party Trust Program: Merchant Master Class First-party misuse is a costly and complex challenge, with up to 75% of card-not-present (CNP) fraud for digital goods merchants estimated to stem from it. With Mastercard’s First-Party Trust Program, which took effect on 27 October in the US, merchants now have a powerful tool to gain insights into and prevent cases of first-party misuse.

Nov 22, 2024

What 19th century economic thinking can teach us about 21st century payments and how ecommerce players ought to respond Accepting local payment methods and choosing methods that meet your business and customers' needs are different. Download the report to implement your local payment methods with data in mind.

Nov 22, 2024

Choosing the right Local Payment Methods - How to select and onboard the Local Payment Methods that will make the biggest difference to your online sales How to select and onboard the right local payment methods to make the biggest difference to your online sales.

Aug 30, 2024

Navigating Experience, Security, and the Next Frontier of Identity - Experian's 2024 U.S. Identity & Fraud Report Experian’s 2024 U.S. Identity and Fraud Report provides a snapshot of the current fraud landscape, shifting consumer expectations and actionable insights into how you can prioritize future fraud prevention technology investments.

Aug 14, 2024

Confidence in Every Transaction: A blueprint for payment success Ecommpay recently surveyed UK merchants to better understand theirpain points. Our findings revealed that 43% of merchants stated their biggest payment challenge is keeping up with the latest technologies and payment trends, but other factors relating to the day-to-day running of their business are preventing them from dedicating as much time to this as they’d like, such as the impact of the cost of living crisis, gaining access to funding, and finding the right talent.

View All Resources